./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 2329fc70 Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c9a35f77051831a79054d5620e487d68dd21285b0cc9c8ae29c469f997bd1ec7 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-2329fc7 [2022-12-14 10:21:18,094 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-12-14 10:21:18,095 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-12-14 10:21:18,109 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-12-14 10:21:18,109 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-12-14 10:21:18,110 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-12-14 10:21:18,111 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-12-14 10:21:18,112 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-12-14 10:21:18,113 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-12-14 10:21:18,113 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-12-14 10:21:18,114 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-12-14 10:21:18,115 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-12-14 10:21:18,115 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-12-14 10:21:18,116 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-12-14 10:21:18,116 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-12-14 10:21:18,117 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-12-14 10:21:18,118 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-12-14 10:21:18,118 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-12-14 10:21:18,120 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-12-14 10:21:18,121 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-12-14 10:21:18,122 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-12-14 10:21:18,123 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-12-14 10:21:18,123 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-12-14 10:21:18,124 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-12-14 10:21:18,126 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-12-14 10:21:18,127 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-12-14 10:21:18,127 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-12-14 10:21:18,127 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-12-14 10:21:18,128 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-12-14 10:21:18,128 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-12-14 10:21:18,129 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-12-14 10:21:18,129 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-12-14 10:21:18,130 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-12-14 10:21:18,130 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-12-14 10:21:18,131 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-12-14 10:21:18,131 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-12-14 10:21:18,131 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-12-14 10:21:18,132 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-12-14 10:21:18,132 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-12-14 10:21:18,132 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-12-14 10:21:18,133 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-12-14 10:21:18,134 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-12-14 10:21:18,148 INFO L113 SettingsManager]: Loading preferences was successful [2022-12-14 10:21:18,148 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-12-14 10:21:18,148 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-12-14 10:21:18,148 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-12-14 10:21:18,149 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-12-14 10:21:18,149 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-12-14 10:21:18,149 INFO L138 SettingsManager]: * User list type=DISABLED [2022-12-14 10:21:18,150 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-12-14 10:21:18,150 INFO L138 SettingsManager]: * Explicit value domain=true [2022-12-14 10:21:18,150 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-12-14 10:21:18,150 INFO L138 SettingsManager]: * Octagon Domain=false [2022-12-14 10:21:18,150 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-12-14 10:21:18,151 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-12-14 10:21:18,151 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-12-14 10:21:18,151 INFO L138 SettingsManager]: * Interval Domain=false [2022-12-14 10:21:18,152 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-12-14 10:21:18,152 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-12-14 10:21:18,152 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-12-14 10:21:18,153 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-12-14 10:21:18,153 INFO L138 SettingsManager]: * sizeof long=4 [2022-12-14 10:21:18,153 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-12-14 10:21:18,153 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-12-14 10:21:18,153 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-12-14 10:21:18,154 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-12-14 10:21:18,154 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-12-14 10:21:18,154 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-12-14 10:21:18,154 INFO L138 SettingsManager]: * sizeof long double=12 [2022-12-14 10:21:18,154 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-12-14 10:21:18,155 INFO L138 SettingsManager]: * Use constant arrays=true [2022-12-14 10:21:18,155 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-12-14 10:21:18,155 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-12-14 10:21:18,155 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-12-14 10:21:18,155 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-12-14 10:21:18,156 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-12-14 10:21:18,156 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-12-14 10:21:18,156 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-12-14 10:21:18,156 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-12-14 10:21:18,156 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-12-14 10:21:18,156 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-12-14 10:21:18,157 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-12-14 10:21:18,157 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-12-14 10:21:18,157 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c9a35f77051831a79054d5620e487d68dd21285b0cc9c8ae29c469f997bd1ec7 [2022-12-14 10:21:18,334 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-12-14 10:21:18,350 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-12-14 10:21:18,352 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-12-14 10:21:18,353 INFO L271 PluginConnector]: Initializing CDTParser... [2022-12-14 10:21:18,353 INFO L275 PluginConnector]: CDTParser initialized [2022-12-14 10:21:18,354 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c [2022-12-14 10:21:21,005 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-12-14 10:21:21,273 INFO L351 CDTParser]: Found 1 translation units. [2022-12-14 10:21:21,273 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c [2022-12-14 10:21:21,289 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/data/a9eeb3767/55640901d1fe414eacfa79aee7c1a687/FLAG858ca381d [2022-12-14 10:21:21,303 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/data/a9eeb3767/55640901d1fe414eacfa79aee7c1a687 [2022-12-14 10:21:21,306 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-12-14 10:21:21,308 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-12-14 10:21:21,309 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-12-14 10:21:21,309 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-12-14 10:21:21,313 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-12-14 10:21:21,313 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,314 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@689bcf18 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21, skipping insertion in model container [2022-12-14 10:21:21,315 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,322 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-12-14 10:21:21,377 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-12-14 10:21:21,680 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,682 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,692 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,693 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,745 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,746 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c[53446,53459] [2022-12-14 10:21:21,756 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,757 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,766 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-12-14 10:21:21,777 INFO L203 MainTranslator]: Completed pre-run [2022-12-14 10:21:21,830 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,832 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,836 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,836 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,858 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,859 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c[53446,53459] [2022-12-14 10:21:21,860 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,861 WARN L623 FunctionHandler]: Unknown extern function puts [2022-12-14 10:21:21,868 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-12-14 10:21:21,888 INFO L208 MainTranslator]: Completed translation [2022-12-14 10:21:21,889 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21 WrapperNode [2022-12-14 10:21:21,889 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-12-14 10:21:21,890 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-12-14 10:21:21,890 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-12-14 10:21:21,890 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-12-14 10:21:21,896 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,918 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,955 INFO L138 Inliner]: procedures = 110, calls = 135, calls flagged for inlining = 40, calls inlined = 33, statements flattened = 620 [2022-12-14 10:21:21,955 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-12-14 10:21:21,956 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-12-14 10:21:21,956 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-12-14 10:21:21,956 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-12-14 10:21:21,965 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,965 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,969 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,970 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,982 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,987 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,990 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,992 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:21,997 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-12-14 10:21:21,998 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-12-14 10:21:21,998 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-12-14 10:21:21,998 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-12-14 10:21:21,999 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (1/1) ... [2022-12-14 10:21:22,006 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-12-14 10:21:22,015 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 10:21:22,024 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-12-14 10:21:22,027 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-12-14 10:21:22,061 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2022-12-14 10:21:22,061 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2022-12-14 10:21:22,061 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2022-12-14 10:21:22,062 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2022-12-14 10:21:22,062 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2022-12-14 10:21:22,062 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2022-12-14 10:21:22,062 INFO L130 BoogieDeclarations]: Found specification of procedure puts [2022-12-14 10:21:22,062 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2022-12-14 10:21:22,062 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2022-12-14 10:21:22,062 INFO L130 BoogieDeclarations]: Found specification of procedure queue [2022-12-14 10:21:22,062 INFO L138 BoogieDeclarations]: Found implementation of procedure queue [2022-12-14 10:21:22,063 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2022-12-14 10:21:22,063 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2022-12-14 10:21:22,063 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-12-14 10:21:22,063 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2022-12-14 10:21:22,063 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2022-12-14 10:21:22,063 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2022-12-14 10:21:22,063 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2022-12-14 10:21:22,064 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2022-12-14 10:21:22,064 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2022-12-14 10:21:22,064 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-12-14 10:21:22,064 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-12-14 10:21:22,064 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-12-14 10:21:22,192 INFO L235 CfgBuilder]: Building ICFG [2022-12-14 10:21:22,194 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-12-14 10:21:22,606 INFO L276 CfgBuilder]: Performing block encoding [2022-12-14 10:21:22,766 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-12-14 10:21:22,766 INFO L300 CfgBuilder]: Removed 1 assume(true) statements. [2022-12-14 10:21:22,769 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 10:21:22 BoogieIcfgContainer [2022-12-14 10:21:22,769 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-12-14 10:21:22,772 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-12-14 10:21:22,772 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-12-14 10:21:22,775 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-12-14 10:21:22,775 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.12 10:21:21" (1/3) ... [2022-12-14 10:21:22,776 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@13889d08 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.12 10:21:22, skipping insertion in model container [2022-12-14 10:21:22,776 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.12 10:21:21" (2/3) ... [2022-12-14 10:21:22,777 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@13889d08 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.12 10:21:22, skipping insertion in model container [2022-12-14 10:21:22,777 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 10:21:22" (3/3) ... [2022-12-14 10:21:22,778 INFO L112 eAbstractionObserver]: Analyzing ICFG email_spec11_product10.cil.c [2022-12-14 10:21:22,797 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-12-14 10:21:22,797 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-12-14 10:21:22,835 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-12-14 10:21:22,841 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4a001f28, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-12-14 10:21:22,841 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-12-14 10:21:22,845 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 62 states have (on average 1.4838709677419355) internal successors, (92), 64 states have internal predecessors, (92), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (19), 19 states have call predecessors, (19), 19 states have call successors, (19) [2022-12-14 10:21:22,851 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-12-14 10:21:22,852 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 10:21:22,852 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 10:21:22,853 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 10:21:22,856 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 10:21:22,856 INFO L85 PathProgramCache]: Analyzing trace with hash 470314452, now seen corresponding path program 1 times [2022-12-14 10:21:22,863 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 10:21:22,864 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [533177080] [2022-12-14 10:21:22,864 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:21:22,864 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 10:21:22,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:21:23,057 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:21:23,057 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 10:21:23,057 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [533177080] [2022-12-14 10:21:23,058 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [533177080] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 10:21:23,058 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 10:21:23,058 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-12-14 10:21:23,059 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [65958517] [2022-12-14 10:21:23,060 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 10:21:23,063 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-12-14 10:21:23,063 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 10:21:23,084 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-12-14 10:21:23,085 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-12-14 10:21:23,086 INFO L87 Difference]: Start difference. First operand has 92 states, 62 states have (on average 1.4838709677419355) internal successors, (92), 64 states have internal predecessors, (92), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (19), 19 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-12-14 10:21:23,157 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 10:21:23,157 INFO L93 Difference]: Finished difference Result 150 states and 202 transitions. [2022-12-14 10:21:23,158 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-12-14 10:21:23,159 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 42 [2022-12-14 10:21:23,159 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 10:21:23,165 INFO L225 Difference]: With dead ends: 150 [2022-12-14 10:21:23,166 INFO L226 Difference]: Without dead ends: 89 [2022-12-14 10:21:23,169 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-12-14 10:21:23,171 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 10:21:23,172 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 105 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 23 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 10:21:23,184 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-12-14 10:21:23,200 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2022-12-14 10:21:23,201 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 60 states have (on average 1.4333333333333333) internal successors, (86), 61 states have internal predecessors, (86), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-12-14 10:21:23,203 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 123 transitions. [2022-12-14 10:21:23,204 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 123 transitions. Word has length 42 [2022-12-14 10:21:23,205 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 10:21:23,205 INFO L495 AbstractCegarLoop]: Abstraction has 89 states and 123 transitions. [2022-12-14 10:21:23,205 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-12-14 10:21:23,205 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 123 transitions. [2022-12-14 10:21:23,207 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-12-14 10:21:23,207 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 10:21:23,207 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 10:21:23,207 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-12-14 10:21:23,207 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 10:21:23,208 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 10:21:23,208 INFO L85 PathProgramCache]: Analyzing trace with hash -1339406850, now seen corresponding path program 1 times [2022-12-14 10:21:23,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 10:21:23,208 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [502489914] [2022-12-14 10:21:23,208 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:21:23,209 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 10:21:23,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:21:23,325 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:21:23,325 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 10:21:23,326 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [502489914] [2022-12-14 10:21:23,326 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [502489914] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 10:21:23,326 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 10:21:23,326 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 10:21:23,326 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [662405695] [2022-12-14 10:21:23,326 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 10:21:23,327 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 10:21:23,328 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 10:21:23,328 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 10:21:23,328 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 10:21:23,329 INFO L87 Difference]: Start difference. First operand 89 states and 123 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-12-14 10:21:23,390 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 10:21:23,390 INFO L93 Difference]: Finished difference Result 146 states and 190 transitions. [2022-12-14 10:21:23,390 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 10:21:23,391 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 43 [2022-12-14 10:21:23,391 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 10:21:23,392 INFO L225 Difference]: With dead ends: 146 [2022-12-14 10:21:23,392 INFO L226 Difference]: Without dead ends: 91 [2022-12-14 10:21:23,393 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 10:21:23,394 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 0 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 10:21:23,394 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 203 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 10:21:23,395 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2022-12-14 10:21:23,401 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2022-12-14 10:21:23,401 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 62 states have (on average 1.4193548387096775) internal successors, (88), 63 states have internal predecessors, (88), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-12-14 10:21:23,402 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 125 transitions. [2022-12-14 10:21:23,402 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 125 transitions. Word has length 43 [2022-12-14 10:21:23,402 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 10:21:23,403 INFO L495 AbstractCegarLoop]: Abstraction has 91 states and 125 transitions. [2022-12-14 10:21:23,403 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-12-14 10:21:23,403 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 125 transitions. [2022-12-14 10:21:23,404 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-12-14 10:21:23,404 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 10:21:23,404 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 10:21:23,404 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-12-14 10:21:23,404 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 10:21:23,404 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 10:21:23,405 INFO L85 PathProgramCache]: Analyzing trace with hash 2127584954, now seen corresponding path program 1 times [2022-12-14 10:21:23,405 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 10:21:23,405 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [841377097] [2022-12-14 10:21:23,405 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:21:23,405 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 10:21:23,426 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:21:23,497 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:21:23,498 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 10:21:23,498 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [841377097] [2022-12-14 10:21:23,498 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [841377097] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 10:21:23,498 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [807202540] [2022-12-14 10:21:23,498 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:21:23,498 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 10:21:23,499 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 10:21:23,500 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 10:21:23,501 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-12-14 10:21:23,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:21:23,697 INFO L263 TraceCheckSpWp]: Trace formula consists of 772 conjuncts, 3 conjunts are in the unsatisfiable core [2022-12-14 10:21:23,704 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 10:21:23,754 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:21:23,754 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 10:21:23,802 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:21:23,802 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [807202540] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 10:21:23,802 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1112404618] [2022-12-14 10:21:23,822 INFO L159 IcfgInterpreter]: Started Sifa with 40 locations of interest [2022-12-14 10:21:23,823 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 10:21:23,826 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 10:21:23,831 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 10:21:23,832 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 10:21:30,256 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-12-14 10:21:30,558 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 10:21:47,248 WARN L233 SmtUtils]: Spent 6.24s on a formula simplification. DAG size of input: 573 DAG size of output: 309 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:21:59,021 WARN L233 SmtUtils]: Spent 11.50s on a formula simplification. DAG size of input: 575 DAG size of output: 442 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:21:59,606 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1112404618] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 10:21:59,606 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-12-14 10:21:59,606 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [13] imperfect sequences [4, 4, 4] total 19 [2022-12-14 10:21:59,607 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [576984889] [2022-12-14 10:21:59,607 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 10:21:59,607 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-12-14 10:21:59,607 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 10:21:59,608 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-12-14 10:21:59,608 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=58, Invalid=284, Unknown=0, NotChecked=0, Total=342 [2022-12-14 10:21:59,608 INFO L87 Difference]: Start difference. First operand 91 states and 125 transitions. Second operand has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2022-12-14 10:22:02,542 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 10:22:02,542 INFO L93 Difference]: Finished difference Result 244 states and 379 transitions. [2022-12-14 10:22:02,542 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-12-14 10:22:02,543 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) Word has length 47 [2022-12-14 10:22:02,543 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 10:22:02,545 INFO L225 Difference]: With dead ends: 244 [2022-12-14 10:22:02,545 INFO L226 Difference]: Without dead ends: 165 [2022-12-14 10:22:02,545 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 143 GetRequests, 126 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 29.0s TimeCoverageRelationStatistics Valid=58, Invalid=284, Unknown=0, NotChecked=0, Total=342 [2022-12-14 10:22:02,546 INFO L413 NwaCegarLoop]: 146 mSDtfsCounter, 95 mSDsluCounter, 1206 mSDsCounter, 0 mSdLazyCounter, 793 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 95 SdHoareTripleChecker+Valid, 1352 SdHoareTripleChecker+Invalid, 803 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 793 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.8s IncrementalHoareTripleChecker+Time [2022-12-14 10:22:02,546 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [95 Valid, 1352 Invalid, 803 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 793 Invalid, 0 Unknown, 0 Unchecked, 2.8s Time] [2022-12-14 10:22:02,547 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 165 states. [2022-12-14 10:22:02,600 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 165 to 112. [2022-12-14 10:22:02,600 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 83 states have (on average 1.4457831325301205) internal successors, (120), 84 states have internal predecessors, (120), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-12-14 10:22:02,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 157 transitions. [2022-12-14 10:22:02,601 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 157 transitions. Word has length 47 [2022-12-14 10:22:02,601 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 10:22:02,602 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 157 transitions. [2022-12-14 10:22:02,602 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2022-12-14 10:22:02,602 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 157 transitions. [2022-12-14 10:22:02,603 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-12-14 10:22:02,603 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 10:22:02,603 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 10:22:02,609 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-12-14 10:22:02,803 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 10:22:02,805 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 10:22:02,806 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 10:22:02,806 INFO L85 PathProgramCache]: Analyzing trace with hash 53823577, now seen corresponding path program 1 times [2022-12-14 10:22:02,807 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 10:22:02,808 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [409187874] [2022-12-14 10:22:02,808 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:22:02,808 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 10:22:02,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:22:02,888 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:22:02,888 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 10:22:02,889 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [409187874] [2022-12-14 10:22:02,889 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [409187874] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 10:22:02,889 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 10:22:02,889 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-12-14 10:22:02,889 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [52589711] [2022-12-14 10:22:02,889 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 10:22:02,890 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-12-14 10:22:02,890 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 10:22:02,890 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-12-14 10:22:02,891 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 10:22:02,891 INFO L87 Difference]: Start difference. First operand 112 states and 157 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-12-14 10:22:03,053 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 10:22:03,053 INFO L93 Difference]: Finished difference Result 260 states and 379 transitions. [2022-12-14 10:22:03,053 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-12-14 10:22:03,053 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 48 [2022-12-14 10:22:03,054 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 10:22:03,055 INFO L225 Difference]: With dead ends: 260 [2022-12-14 10:22:03,056 INFO L226 Difference]: Without dead ends: 162 [2022-12-14 10:22:03,057 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-12-14 10:22:03,058 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 46 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 44 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 44 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-12-14 10:22:03,058 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 200 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 44 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-12-14 10:22:03,059 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-12-14 10:22:03,180 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 157. [2022-12-14 10:22:03,181 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 128 states have (on average 1.5234375) internal successors, (195), 129 states have internal predecessors, (195), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-12-14 10:22:03,182 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 232 transitions. [2022-12-14 10:22:03,182 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 232 transitions. Word has length 48 [2022-12-14 10:22:03,182 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 10:22:03,182 INFO L495 AbstractCegarLoop]: Abstraction has 157 states and 232 transitions. [2022-12-14 10:22:03,182 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-12-14 10:22:03,182 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 232 transitions. [2022-12-14 10:22:03,183 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-12-14 10:22:03,183 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 10:22:03,183 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 10:22:03,183 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-12-14 10:22:03,183 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 10:22:03,184 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 10:22:03,184 INFO L85 PathProgramCache]: Analyzing trace with hash -1952830557, now seen corresponding path program 1 times [2022-12-14 10:22:03,184 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 10:22:03,184 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [875635670] [2022-12-14 10:22:03,184 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:22:03,184 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 10:22:03,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:22:03,250 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:22:03,250 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 10:22:03,250 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [875635670] [2022-12-14 10:22:03,250 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [875635670] provided 0 perfect and 1 imperfect interpolant sequences [2022-12-14 10:22:03,250 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1577316299] [2022-12-14 10:22:03,250 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:22:03,250 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 10:22:03,251 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 [2022-12-14 10:22:03,251 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-12-14 10:22:03,252 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-12-14 10:22:03,404 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:22:03,406 INFO L263 TraceCheckSpWp]: Trace formula consists of 789 conjuncts, 3 conjunts are in the unsatisfiable core [2022-12-14 10:22:03,410 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-12-14 10:22:03,424 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:22:03,425 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-12-14 10:22:03,454 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-12-14 10:22:03,454 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1577316299] provided 0 perfect and 2 imperfect interpolant sequences [2022-12-14 10:22:03,454 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1988725977] [2022-12-14 10:22:03,457 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-12-14 10:22:03,457 INFO L166 IcfgInterpreter]: Building call graph [2022-12-14 10:22:03,458 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-12-14 10:22:03,458 INFO L176 IcfgInterpreter]: Starting interpretation [2022-12-14 10:22:03,458 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-12-14 10:22:13,829 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-12-14 10:22:14,301 INFO L197 IcfgInterpreter]: Interpreting procedure sendEmail with input of size 249 for LOIs [2022-12-14 10:22:15,767 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailTo with input of size 239 for LOIs [2022-12-14 10:22:15,818 INFO L197 IcfgInterpreter]: Interpreting procedure outgoing with input of size 251 for LOIs [2022-12-14 10:22:24,995 INFO L197 IcfgInterpreter]: Interpreting procedure isReadable with input of size 446 for LOIs [2022-12-14 10:22:25,245 INFO L197 IcfgInterpreter]: Interpreting procedure getEmailTo with input of size 242 for LOIs [2022-12-14 10:22:25,281 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailFrom with input of size 478 for LOIs [2022-12-14 10:22:28,508 INFO L180 IcfgInterpreter]: Interpretation finished [2022-12-14 10:22:49,672 WARN L233 SmtUtils]: Spent 9.78s on a formula simplification. DAG size of input: 584 DAG size of output: 453 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:23:01,007 WARN L233 SmtUtils]: Spent 11.14s on a formula simplification. DAG size of input: 586 DAG size of output: 456 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:23:20,308 WARN L233 SmtUtils]: Spent 8.50s on a formula simplification. DAG size of input: 478 DAG size of output: 365 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:23:56,324 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1988725977] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 10:23:56,324 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-12-14 10:23:56,325 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [38] imperfect sequences [4, 4, 4] total 44 [2022-12-14 10:23:56,325 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1701991364] [2022-12-14 10:23:56,325 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 10:23:56,325 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2022-12-14 10:23:56,325 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 10:23:56,326 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2022-12-14 10:23:56,326 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=1774, Unknown=0, NotChecked=0, Total=1892 [2022-12-14 10:23:56,326 INFO L87 Difference]: Start difference. First operand 157 states and 232 transitions. Second operand has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-12-14 10:24:02,470 WARN L233 SmtUtils]: Spent 5.25s on a formula simplification. DAG size of input: 568 DAG size of output: 427 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:24:14,327 WARN L233 SmtUtils]: Spent 6.66s on a formula simplification. DAG size of input: 578 DAG size of output: 345 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:24:20,574 WARN L233 SmtUtils]: Spent 5.93s on a formula simplification. DAG size of input: 576 DAG size of output: 343 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:24:30,769 WARN L233 SmtUtils]: Spent 5.44s on a formula simplification. DAG size of input: 514 DAG size of output: 446 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:24:37,954 WARN L233 SmtUtils]: Spent 6.74s on a formula simplification. DAG size of input: 521 DAG size of output: 448 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:24:44,309 WARN L233 SmtUtils]: Spent 6.08s on a formula simplification. DAG size of input: 580 DAG size of output: 447 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-12-14 10:24:59,548 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 10:24:59,549 INFO L93 Difference]: Finished difference Result 410 states and 646 transitions. [2022-12-14 10:24:59,549 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2022-12-14 10:24:59,549 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Word has length 49 [2022-12-14 10:24:59,550 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 10:24:59,551 INFO L225 Difference]: With dead ends: 410 [2022-12-14 10:24:59,551 INFO L226 Difference]: Without dead ends: 308 [2022-12-14 10:24:59,552 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 159 GetRequests, 107 SyntacticMatches, 0 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 573 ImplicationChecksByTransitivity, 144.2s TimeCoverageRelationStatistics Valid=200, Invalid=2662, Unknown=0, NotChecked=0, Total=2862 [2022-12-14 10:24:59,552 INFO L413 NwaCegarLoop]: 112 mSDtfsCounter, 238 mSDsluCounter, 1937 mSDsCounter, 0 mSdLazyCounter, 2240 mSolverCounterSat, 25 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 6.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 239 SdHoareTripleChecker+Valid, 2049 SdHoareTripleChecker+Invalid, 2265 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 25 IncrementalHoareTripleChecker+Valid, 2240 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 6.5s IncrementalHoareTripleChecker+Time [2022-12-14 10:24:59,553 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [239 Valid, 2049 Invalid, 2265 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [25 Valid, 2240 Invalid, 0 Unknown, 0 Unchecked, 6.5s Time] [2022-12-14 10:24:59,553 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 308 states. [2022-12-14 10:24:59,729 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 308 to 258. [2022-12-14 10:24:59,729 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 258 states, 217 states have (on average 1.5852534562211982) internal successors, (344), 219 states have internal predecessors, (344), 26 states have call successors, (26), 15 states have call predecessors, (26), 14 states have return successors, (26), 23 states have call predecessors, (26), 25 states have call successors, (26) [2022-12-14 10:24:59,730 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 258 states to 258 states and 396 transitions. [2022-12-14 10:24:59,730 INFO L78 Accepts]: Start accepts. Automaton has 258 states and 396 transitions. Word has length 49 [2022-12-14 10:24:59,731 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 10:24:59,731 INFO L495 AbstractCegarLoop]: Abstraction has 258 states and 396 transitions. [2022-12-14 10:24:59,731 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-12-14 10:24:59,731 INFO L276 IsEmpty]: Start isEmpty. Operand 258 states and 396 transitions. [2022-12-14 10:24:59,732 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-12-14 10:24:59,732 INFO L187 NwaCegarLoop]: Found error trace [2022-12-14 10:24:59,732 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-12-14 10:24:59,737 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-12-14 10:24:59,933 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-12-14 10:24:59,934 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-12-14 10:24:59,935 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-12-14 10:24:59,936 INFO L85 PathProgramCache]: Analyzing trace with hash -1586674403, now seen corresponding path program 1 times [2022-12-14 10:24:59,936 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-12-14 10:24:59,937 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [286212443] [2022-12-14 10:24:59,937 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-12-14 10:24:59,937 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-12-14 10:24:59,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-12-14 10:25:00,144 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-12-14 10:25:00,144 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-12-14 10:25:00,145 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [286212443] [2022-12-14 10:25:00,145 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [286212443] provided 1 perfect and 0 imperfect interpolant sequences [2022-12-14 10:25:00,145 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-12-14 10:25:00,145 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-12-14 10:25:00,145 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1064277272] [2022-12-14 10:25:00,145 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-12-14 10:25:00,146 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-12-14 10:25:00,146 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-12-14 10:25:00,146 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-12-14 10:25:00,146 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-12-14 10:25:00,147 INFO L87 Difference]: Start difference. First operand 258 states and 396 transitions. Second operand has 6 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2022-12-14 10:25:00,414 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-12-14 10:25:00,414 INFO L93 Difference]: Finished difference Result 272 states and 417 transitions. [2022-12-14 10:25:00,414 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-12-14 10:25:00,415 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) Word has length 52 [2022-12-14 10:25:00,415 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-12-14 10:25:00,415 INFO L225 Difference]: With dead ends: 272 [2022-12-14 10:25:00,415 INFO L226 Difference]: Without dead ends: 0 [2022-12-14 10:25:00,416 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-12-14 10:25:00,417 INFO L413 NwaCegarLoop]: 113 mSDtfsCounter, 67 mSDsluCounter, 379 mSDsCounter, 0 mSdLazyCounter, 130 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 492 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 130 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-12-14 10:25:00,417 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 492 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 130 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-12-14 10:25:00,418 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-12-14 10:25:00,418 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-12-14 10:25:00,418 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-12-14 10:25:00,418 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-12-14 10:25:00,418 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 52 [2022-12-14 10:25:00,418 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-12-14 10:25:00,418 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-12-14 10:25:00,419 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2022-12-14 10:25:00,419 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-12-14 10:25:00,419 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-12-14 10:25:00,421 INFO L805 garLoopResultBuilder]: Registering result SAFE for location outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-12-14 10:25:00,421 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-12-14 10:25:00,423 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-12-14 10:25:35,303 WARN L233 SmtUtils]: Spent 14.26s on a formula simplification. DAG size of input: 601 DAG size of output: 595 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-12-14 10:25:45,638 INFO L902 garLoopResultBuilder]: At program point L1662(line 1662) the Hoare annotation is: true [2022-12-14 10:25:45,638 INFO L902 garLoopResultBuilder]: At program point L1662-1(line 1662) the Hoare annotation is: true [2022-12-14 10:25:45,639 INFO L899 garLoopResultBuilder]: For program point L2521-1(line 2521) no Hoare annotation was computed. [2022-12-14 10:25:45,639 INFO L902 garLoopResultBuilder]: At program point L2521(line 2521) the Hoare annotation is: true [2022-12-14 10:25:45,640 INFO L895 garLoopResultBuilder]: At program point L1606(line 1606) the Hoare annotation is: (or (not (<= 1 |outgoing_#in~client#1|)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~rjh~0 |old(~__ste_email_to0~0)|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (and (= |outgoing_getClientId_#in~handle#1| |outgoing_~client#1|) (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |outgoing_#in~msg#1| |outgoing_~msg#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (<= |outgoing_~tmp~3#1| 2147483647) (= |old(~queue_empty~0)| ~queue_empty~0) (= |outgoing_getClientId_~retValue_acc~28#1| ~__ste_client_idCounter0~0) (= ~queued_client~0 |old(~queued_client~0)|) (= |outgoing_getClientId_#in~handle#1| |outgoing_getClientId_~handle#1|) (= |outgoing_~client#1| |outgoing_#in~client#1|) (= |outgoing_getClientId_~retValue_acc~28#1| |outgoing_getClientId_#res#1|) (= |outgoing_~tmp~3#1| |outgoing_getClientId_#res#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648))) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (<= |outgoing_#in~client#1| 1)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= |outgoing_#in~msg#1| 1)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~bob~0 |outgoing_#in~client#1|)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,640 INFO L899 garLoopResultBuilder]: For program point L1606-1(line 1606) no Hoare annotation was computed. [2022-12-14 10:25:45,642 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 1600 1611) the Hoare annotation is: (or (not (<= 1 |outgoing_#in~client#1|)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~rjh~0 |old(~__ste_email_to0~0)|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (<= |outgoing_#in~client#1| 1)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= |outgoing_#in~msg#1| 1)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~bob~0 |outgoing_#in~client#1|)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,642 INFO L899 garLoopResultBuilder]: For program point L1640(lines 1640 1646) no Hoare annotation was computed. [2022-12-14 10:25:45,644 INFO L895 garLoopResultBuilder]: At program point L2342(line 2342) the Hoare annotation is: (or (not (<= 1 |outgoing_#in~client#1|)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~rjh~0 |old(~__ste_email_to0~0)|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (<= |outgoing_#in~client#1| 1)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= |outgoing_#in~msg#1| 1)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~bob~0 |outgoing_#in~client#1|)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (and (<= 2 |outgoing_mail_~tmp~2#1|) (= |outgoing_incoming__wrappee__AutoResponder_#in~client#1| |outgoing_incoming_~client#1|) (= |outgoing_incoming__wrappee__Base_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_incoming__wrappee__AutoResponder_~client#1|) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_getClientAutoResponse_~handle#1|) (<= 1 |outgoing_mail_~msg#1|) (= |outgoing_deliver_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (= |outgoing_autoRespond_~__utac__ad__arg1~0#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~client#1|) (= |outgoing_incoming_~msg#1| |outgoing_incoming_#in~msg#1|) (= |outgoing_incoming_~client#1| |outgoing_incoming_#in~client#1|) (= |outgoing_incoming_#in~client#1| |outgoing_mail_~tmp~2#1|) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~client#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_~client#1|) (<= ~queued_message~0 0) (= |outgoing_incoming__wrappee__AutoResponder_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= ~__ste_email_from0~0 2147483647) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~msg#1| |outgoing_autoRespond_~__utac__ad__arg2~0#1|) (= |outgoing_deliver_~client#1| |outgoing_deliver_#in~client#1|) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (= |outgoing_incoming__wrappee__Base_~msg#1| |outgoing_deliver_#in~msg#1|) (<= |outgoing_getClientId_#res#1| 2147483647) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_autoRespond_#in~client#1|) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__AutoResponder_#in~client#1|) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__Base_~msg#1|) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_getClientAutoResponse_~retValue_acc~20#1|) (<= 1 |outgoing_mail_#in~msg#1|) (= |outgoing_mail_~msg#1| |outgoing_incoming_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (= |outgoing_deliver_~msg#1| |outgoing_deliver_#in~msg#1|) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_mail_~tmp~2#1| 2) (<= |outgoing_getClientId_#in~handle#1| 1) (= |outgoing_autoRespond_~__utac__ad__arg1~0#1| |outgoing_autoRespond_~client#1|) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (= |outgoing_autoRespond_~msg#1| |outgoing_autoRespond_~__utac__ad__arg2~0#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~msg#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_~msg#1|) (<= |outgoing_mail_~msg#1| 1) (= |outgoing_incoming_~msg#1| |outgoing_incoming__wrappee__AutoResponder_#in~msg#1|) (<= |outgoing_mail_#in~client#1| 1) (= |outgoing_autoRespond_#in~client#1| |outgoing_autoRespond_~client#1|) (not (= |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1| 0)) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__Base_#in~client#1|) (= |outgoing_autoRespond_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= |outgoing_~msg#1| 1) (= |outgoing_getClientAutoResponse_~retValue_acc~20#1| ~__ste_client_autoResponse1~0) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (= |outgoing_autoRespond_#in~msg#1| |outgoing_autoRespond_~msg#1|) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,646 INFO L895 garLoopResultBuilder]: At program point L1640-2(lines 1632 1649) the Hoare annotation is: (or (not (<= 1 |outgoing_#in~client#1|)) (and (<= 2 |outgoing_mail_~tmp~2#1|) (= |outgoing_incoming__wrappee__AutoResponder_#in~client#1| |outgoing_incoming_~client#1|) (= |outgoing_incoming__wrappee__Base_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_incoming__wrappee__AutoResponder_~client#1|) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_getClientAutoResponse_~handle#1|) (<= 1 |outgoing_mail_~msg#1|) (= |outgoing_deliver_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (= |outgoing_incoming_~msg#1| |outgoing_incoming_#in~msg#1|) (= |outgoing_incoming_~client#1| |outgoing_incoming_#in~client#1|) (= |outgoing_incoming_#in~client#1| |outgoing_mail_~tmp~2#1|) (<= ~queued_message~0 0) (= |outgoing_incoming__wrappee__AutoResponder_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= ~__ste_email_from0~0 2147483647) (= |outgoing_deliver_~client#1| |outgoing_deliver_#in~client#1|) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (= |outgoing_incoming__wrappee__Base_~msg#1| |outgoing_deliver_#in~msg#1|) (<= |outgoing_getClientId_#res#1| 2147483647) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__AutoResponder_#in~client#1|) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__Base_~msg#1|) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_getClientAutoResponse_~retValue_acc~20#1|) (<= 1 |outgoing_mail_#in~msg#1|) (= |outgoing_mail_~msg#1| |outgoing_incoming_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (= |outgoing_deliver_~msg#1| |outgoing_deliver_#in~msg#1|) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_mail_~tmp~2#1| 2) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= |outgoing_mail_~msg#1| 1) (= |outgoing_incoming_~msg#1| |outgoing_incoming__wrappee__AutoResponder_#in~msg#1|) (<= |outgoing_mail_#in~client#1| 1) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__Base_#in~client#1|) (<= |outgoing_~msg#1| 1) (= |outgoing_getClientAutoResponse_~retValue_acc~20#1| ~__ste_client_autoResponse1~0) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~rjh~0 |old(~__ste_email_to0~0)|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (<= |outgoing_#in~client#1| 1)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= |outgoing_#in~msg#1| 1)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~bob~0 |outgoing_#in~client#1|)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= 0 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,646 INFO L899 garLoopResultBuilder]: For program point L2342-1(line 2342) no Hoare annotation was computed. [2022-12-14 10:25:45,646 INFO L902 garLoopResultBuilder]: At program point L1764(line 1764) the Hoare annotation is: true [2022-12-14 10:25:45,646 INFO L902 garLoopResultBuilder]: At program point L1764-1(lines 1757 1768) the Hoare annotation is: true [2022-12-14 10:25:45,646 INFO L902 garLoopResultBuilder]: At program point L2524(line 2524) the Hoare annotation is: true [2022-12-14 10:25:45,646 INFO L899 garLoopResultBuilder]: For program point L2524-1(line 2524) no Hoare annotation was computed. [2022-12-14 10:25:45,646 INFO L895 garLoopResultBuilder]: At program point L2359(line 2359) the Hoare annotation is: false [2022-12-14 10:25:45,647 INFO L895 garLoopResultBuilder]: At program point L1749(line 1749) the Hoare annotation is: (not (= 0 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|)) [2022-12-14 10:25:45,647 INFO L899 garLoopResultBuilder]: For program point L1749-1(line 1749) no Hoare annotation was computed. [2022-12-14 10:25:45,647 INFO L899 garLoopResultBuilder]: For program point L2344(lines 2344 2350) no Hoare annotation was computed. [2022-12-14 10:25:45,647 INFO L895 garLoopResultBuilder]: At program point L2344-2(lines 2336 2353) the Hoare annotation is: (not (= 0 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|)) [2022-12-14 10:25:45,647 INFO L902 garLoopResultBuilder]: At program point L2527-1(line 2527) the Hoare annotation is: true [2022-12-14 10:25:45,647 INFO L902 garLoopResultBuilder]: At program point L2527(line 2527) the Hoare annotation is: true [2022-12-14 10:25:45,647 INFO L899 garLoopResultBuilder]: For program point outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION(line 2359) no Hoare annotation was computed. [2022-12-14 10:25:45,647 INFO L899 garLoopResultBuilder]: For program point L1660(lines 1660 1667) no Hoare annotation was computed. [2022-12-14 10:25:45,651 INFO L895 garLoopResultBuilder]: At program point L1594(line 1594) the Hoare annotation is: (or (not (<= 1 |outgoing_#in~client#1|)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~rjh~0 |old(~__ste_email_to0~0)|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (<= |outgoing_#in~client#1| 1)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= |outgoing_#in~msg#1| 1)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~bob~0 |outgoing_#in~client#1|)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (and (= |outgoing_mail_#in~client#1| |outgoing_~client#1|) (= |outgoing_mail_~msg#1| |outgoing_mail_#in~msg#1|) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_mail_#in~client#1| |outgoing_mail_~client#1|) (<= ~queued_message~0 0) (<= ~__ste_email_from0~0 2147483647) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (<= |outgoing_getClientId_#res#1| 2147483647) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (<= ~__ste_client_idCounter0~0 2147483647) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (= |outgoing_mail_#in~msg#1| |outgoing_~msg#1|) (<= 0 ~queued_client~0) (<= |outgoing_~msg#1| 1) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,651 INFO L902 garLoopResultBuilder]: At program point L1660-2(lines 1650 1670) the Hoare annotation is: true [2022-12-14 10:25:45,654 INFO L895 garLoopResultBuilder]: At program point L1594-1(line 1594) the Hoare annotation is: (or (not (<= 1 |outgoing_#in~client#1|)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~rjh~0 |old(~__ste_email_to0~0)|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (<= |outgoing_#in~client#1| 1)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= |outgoing_#in~msg#1| 1)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~bob~0 |outgoing_#in~client#1|)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (and (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (<= 1 |outgoing_mail_~msg#1|) (<= ~queued_message~0 0) (<= ~__ste_email_from0~0 2147483647) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (<= |outgoing_getClientId_#res#1| 2147483647) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (<= |outgoing_mail_#t~ret8#1| 2) (<= 1 |outgoing_mail_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (<= |outgoing_mail_~msg#1| 1) (<= |outgoing_mail_#in~client#1| 1) (<= |outgoing_~msg#1| 1) (<= 2 |outgoing_mail_#t~ret8#1|) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,654 INFO L895 garLoopResultBuilder]: At program point L1751(line 1751) the Hoare annotation is: (not (= 0 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|)) [2022-12-14 10:25:45,654 INFO L895 garLoopResultBuilder]: At program point L1751-1(line 1751) the Hoare annotation is: (not (= 0 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|)) [2022-12-14 10:25:45,654 INFO L895 garLoopResultBuilder]: At program point L1752(lines 1737 1756) the Hoare annotation is: (not (= 0 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|)) [2022-12-14 10:25:45,654 INFO L899 garLoopResultBuilder]: For program point outgoingEXIT(lines 1600 1611) no Hoare annotation was computed. [2022-12-14 10:25:45,656 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 181 196) the Hoare annotation is: (or (not (= |setEmailTo_#in~value| ~rjh~0)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= ~__ste_email_from0~0 0)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~bob~0 1)) (not (= ~queued_message~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~queued_client~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= |setEmailTo_#in~handle| 1)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (and (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~queue_empty~0 1)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,656 INFO L899 garLoopResultBuilder]: For program point setEmailToEXIT(lines 181 196) no Hoare annotation was computed. [2022-12-14 10:25:45,656 INFO L899 garLoopResultBuilder]: For program point getEmailToEXIT(lines 162 180) no Hoare annotation was computed. [2022-12-14 10:25:45,656 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 162 180) the Hoare annotation is: true [2022-12-14 10:25:45,659 INFO L895 garLoopResultBuilder]: At program point L2560(line 2560) the Hoare annotation is: (or (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~bob~0 1)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= |old(~__ste_email_from1~0)| 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (and (<= ~queued_message~0 0) (<= 0 ~__ste_email_from0~0) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |sendEmail_createEmail_~from#1| ~__ste_email_from0~0) (<= 0 ~queued_message~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (<= 1 |sendEmail_~sender#1|) (<= |sendEmail_~sender#1| 1) (= |old(~queue_empty~0)| ~queue_empty~0) (<= ~__ste_email_from0~0 0) (= ~__ste_email_to0~0 |sendEmail_createEmail_~to#1|) (= ~queued_client~0 |old(~queued_client~0)|) (<= |sendEmail_createEmail_#in~to#1| 2) (<= 2 |sendEmail_createEmail_#in~to#1|) (<= 2 |sendEmail_createEmail_~to#1|) (<= ~__ste_email_to0~0 2) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,659 INFO L899 garLoopResultBuilder]: For program point sendEmailEXIT(lines 1686 1698) no Hoare annotation was computed. [2022-12-14 10:25:45,661 INFO L895 garLoopResultBuilder]: At program point L2559-1(line 2559) the Hoare annotation is: (or (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= |sendEmail_createEmail_#in~from#1| 0) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_createEmail_~to#1|) (= |sendEmail_#in~sender#1| |sendEmail_~sender#1|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_~receiver#1|) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~bob~0 1)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= |old(~__ste_email_from1~0)| 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,662 INFO L895 garLoopResultBuilder]: At program point L2559(line 2559) the Hoare annotation is: (or (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= |sendEmail_createEmail_#in~from#1| 0) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_createEmail_~to#1|) (= |sendEmail_#in~sender#1| |sendEmail_~sender#1|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_~receiver#1|) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~bob~0 1)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= |old(~__ste_email_from1~0)| 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,663 INFO L895 garLoopResultBuilder]: At program point L1694(line 1694) the Hoare annotation is: (or (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~bob~0 1)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (and (= |sendEmail_createEmail_#res#1| |sendEmail_createEmail_~retValue_acc~39#1|) (<= ~queued_message~0 0) (<= 0 ~__ste_email_from0~0) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |sendEmail_createEmail_~from#1| ~__ste_email_from0~0) (<= 0 ~queued_message~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (<= 1 |sendEmail_~sender#1|) (<= |sendEmail_~sender#1| 1) (= |old(~queue_empty~0)| ~queue_empty~0) (<= ~__ste_email_from0~0 0) (= ~__ste_email_to0~0 |sendEmail_createEmail_~to#1|) (= |sendEmail_createEmail_~retValue_acc~39#1| |sendEmail_createEmail_~msg~0#1|) (= ~queued_client~0 |old(~queued_client~0)|) (= |sendEmail_createEmail_#res#1| |sendEmail_~tmp~7#1|) (<= |sendEmail_createEmail_#in~to#1| 2) (<= 2 |sendEmail_createEmail_#in~to#1|) (= |sendEmail_~email~0#1| |sendEmail_~tmp~7#1|) (<= 2 |sendEmail_createEmail_~to#1|) (<= ~__ste_email_to0~0 2) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= |old(~__ste_email_from1~0)| 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,664 INFO L899 garLoopResultBuilder]: For program point sendEmailFINAL(lines 1686 1698) no Hoare annotation was computed. [2022-12-14 10:25:45,665 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 1686 1698) the Hoare annotation is: (or (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= |old(~queued_message~0)| 0)) (not (= |old(~__ste_email_from0~0)| 0)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~bob~0 1)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= |old(~queued_client~0)| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= |old(~queue_empty~0)| 1)) (not (= |old(~__ste_email_from1~0)| 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~__ste_client_autoResponse1~0 1)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-12-14 10:25:45,665 INFO L899 garLoopResultBuilder]: For program point setEmailFromEXIT(lines 144 159) no Hoare annotation was computed. [2022-12-14 10:25:45,667 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 144 159) the Hoare annotation is: (or (and (<= 0 ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (<= ~__ste_email_from0~0 0)) (let ((.cse0 (not (<= ~__ste_client_privateKey0~0 0))) (.cse1 (not (<= 0 ~queued_client~0))) (.cse2 (not (<= 0 ~__ste_email_subject0~0.offset))) (.cse3 (not (<= 0 ~__ste_Client_AddressBook2_Address1~0))) (.cse4 (not (<= 0 ~__ste_email_body0~0.base))) (.cse5 (not (<= ~__ste_email_isEncrypted1~0 0))) (.cse6 (not (<= 0 ~__ste_client_privateKey0~0))) (.cse7 (not (<= ~__ste_email_subject1~0.offset 0))) (.cse8 (not (<= ~__ste_Client_Keyring0_User2~0 0))) (.cse9 (not (<= 0 |old(~__ste_email_from0~0)|))) (.cse10 (not (<= ~__ste_email_signKey1~0 0))) (.cse11 (not (<= ~__SELECTED_FEATURE_Verify~0 0))) (.cse12 (not (<= 0 ~__ste_email_subject1~0.offset))) (.cse13 (not (<= 0 ~__ste_Client_AddressBook1_Address1~0))) (.cse14 (not (<= 0 ~__ste_Client_Keyring0_PublicKey1~0))) (.cse15 (not (<= 0 ~__ste_Client_AddressBook0_Alias0~0))) (.cse16 (not (<= 0 ~head~0.base))) (.cse17 (not (<= 0 ~__ste_ClientKeyring_size2~0))) (.cse18 (not (<= |setEmailFrom_#in~handle| 1))) (.cse19 (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0))) (.cse20 (not (<= ~__ste_Client_AddressBook0_Alias1~0 0))) (.cse21 (not (<= 0 |#NULL.offset|))) (.cse22 (not (<= ~__SELECTED_FEATURE_Sign~0 0))) (.cse23 (not (<= 0 ~__ste_Client_counter~0))) (.cse24 (not (<= ~__ste_client_privateKey1~0 0))) (.cse25 (not (<= ~__ste_Client_AddressBook2_Alias0~0 0))) (.cse26 (not (<= 0 ~__ste_client_forwardReceiver1~0))) (.cse27 (not (<= 0 ~__ste_client_privateKey1~0))) (.cse28 (not (<= ~queued_message~0 0))) (.cse29 (not (<= 0 ~__ste_email_id1~0))) (.cse30 (not (<= ~__ste_Client_AddressBook2_Address1~0 0))) (.cse31 (not (<= 3 ~chuck~0))) (.cse32 (not (<= ~__ste_Client_AddressBook2_Alias2~0 0))) (.cse33 (not (<= 0 ~__ste_Client_AddressBook2_Address2~0))) (.cse34 (not (<= 0 ~__ste_email_body0~0.offset))) (.cse35 (not (<= ~__ste_ClientAddressBook_size1~0 0))) (.cse36 (not (<= 0 ~__ste_Client_Keyring0_User0~0))) (.cse37 (not (<= 0 ~__ste_email_body1~0.offset))) (.cse38 (not (<= 0 ~__ste_Client_AddressBook2_Alias2~0))) (.cse39 (not (<= 0 ~__ste_email_encryptionKey0~0))) (.cse40 (not (<= 0 ~__ste_client_outbuffer3~0))) (.cse41 (not (<= 0 ~__ste_Client_Keyring1_User2~0))) (.cse42 (not (<= ~__ste_ClientKeyring_size0~0 0))) (.cse43 (not (<= ~__ste_Client_AddressBook1_Address2~0 0))) (.cse44 (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0))) (.cse45 (not (<= ~__SELECTED_FEATURE_Decrypt~0 0))) (.cse46 (not (<= 0 ~__ste_Client_AddressBook2_Address0~0))) (.cse47 (not (<= ~__ste_client_outbuffer1~0 0))) (.cse48 (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0))) (.cse49 (not (<= ~head~0.base 0))) (.cse50 (not (<= 0 ~__ste_Client_Keyring1_User1~0))) (.cse51 (not (<= ~__ste_email_body1~0.base 0))) (.cse52 (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0))) (.cse53 (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0))) (.cse54 (not (<= 2 ~rjh~0))) (.cse55 (not (<= ~bob~0 1))) (.cse56 (not (<= ~__ste_client_outbuffer2~0 0))) (.cse57 (not (<= 0 ~__ste_ClientKeyring_size1~0))) (.cse58 (not (<= ~__ste_Client_AddressBook2_Address0~0 0))) (.cse59 (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0))) (.cse60 (not (<= ~__ste_Client_Keyring1_User1~0 0))) (.cse61 (not (<= ~__ste_ClientAddressBook_size0~0 0))) (.cse62 (not (<= ~rjh~0 2))) (.cse63 (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0))) (.cse64 (not (<= 0 ~__ste_client_name2~0.base))) (.cse65 (not (<= 0 ~__ste_client_outbuffer2~0))) (.cse66 (not (<= 0 ~__ste_email_isSignatureVerified0~0))) (.cse67 (not (<= ~__ste_Client_AddressBook2_Alias1~0 0))) (.cse68 (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0))) (.cse69 (not (<= ~__ste_Client_AddressBook1_Alias0~0 0))) (.cse70 (not (<= ~__ste_Client_AddressBook1_Address1~0 0))) (.cse71 (not (<= ~__ste_Client_AddressBook1_Address0~0 0))) (.cse72 (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0))) (.cse73 (not (<= ~__ste_client_name2~0.base 0))) (.cse74 (not (<= 0 ~queued_message~0))) (.cse75 (not (<= 0 ~__ste_email_subject1~0.base))) (.cse76 (not (<= 0 ~__ste_client_name1~0.offset))) (.cse77 (not (<= ~__ste_email_body0~0.base 0))) (.cse78 (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0))) (.cse79 (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0))) (.cse80 (not (<= ~__ste_email_encryptionKey1~0 0))) (.cse81 (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0))) (.cse82 (not (<= ~__ste_client_name2~0.offset 0))) (.cse83 (not (<= 1 ~bob~0))) (.cse84 (not (<= ~__ste_email_subject0~0.base 0))) (.cse85 (not (<= 0 ~__ste_Client_Keyring2_User1~0))) (.cse86 (not (<= ~__ste_ClientAddressBook_size2~0 0))) (.cse87 (not (<= 1 |setEmailFrom_#in~handle|))) (.cse88 (not (<= ~head~0.offset 0))) (.cse89 (not (<= 0 ~__SELECTED_FEATURE_Sign~0))) (.cse90 (not (<= 0 ~__ste_client_name2~0.offset))) (.cse91 (not (<= ~__ste_Client_Keyring1_PublicKey1~0 0))) (.cse92 (not (<= ~__ste_client_forwardReceiver3~0 0))) (.cse93 (not (<= ~__ste_Client_Keyring2_User0~0 0))) (.cse94 (not (<= 0 ~__ste_email_isSignatureVerified1~0))) (.cse95 (not (<= ~__ste_ClientKeyring_size2~0 0))) (.cse96 (not (<= 0 ~__ste_email_signKey1~0))) (.cse97 (not (<= 0 ~__ste_client_outbuffer1~0))) (.cse98 (not (<= 0 ~__ste_ClientAddressBook_size1~0))) (.cse99 (not (<= 0 ~__ste_Client_AddressBook1_Alias1~0))) (.cse100 (not (<= 0 ~__ste_client_name0~0.base))) (.cse101 (not (<= ~__ste_client_outbuffer3~0 0))) (.cse102 (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0))) (.cse103 (not (<= ~__ste_Client_counter~0 0))) (.cse104 (not (<= ~__ste_client_outbuffer0~0 0))) (.cse105 (not (<= ~__ste_client_name0~0.offset 0))) (.cse106 (not (<= ~__ste_email_id1~0 0))) (.cse107 (not (<= ~__ste_client_name1~0.offset 0))) (.cse108 (not (<= ~__SELECTED_FEATURE_Encrypt~0 0))) (.cse109 (not (<= ~__ste_client_privateKey2~0 0))) (.cse110 (not (<= 0 ~__ste_email_isSigned0~0))) (.cse111 (not (<= 0 ~__ste_client_autoResponse2~0))) (.cse112 (not (<= 1 ~queue_empty~0))) (.cse113 (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0))) (.cse114 (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0))) (.cse115 (not (<= 0 ~__ste_client_forwardReceiver0~0))) (.cse116 (not (<= ~__ste_client_autoResponse0~0 0))) (.cse117 (not (<= ~__ste_Client_AddressBook0_Alias2~0 0))) (.cse118 (not (<= 0 ~__ste_client_privateKey2~0))) (.cse119 (not (<= ~__ste_ClientKeyring_size1~0 0))) (.cse120 (not (<= ~__ste_client_name0~0.base 0))) (.cse121 (not (<= ~__ste_Client_AddressBook1_Alias2~0 0))) (.cse122 (not (<= 0 ~__ste_Client_AddressBook1_Address0~0))) (.cse123 (not (<= 0 ~__ste_Client_Keyring0_User2~0))) (.cse124 (not (<= |#NULL.offset| 0))) (.cse125 (not (<= ~__ste_Client_AddressBook0_Address1~0 0))) (.cse126 (not (<= 0 ~__ste_client_forwardReceiver2~0))) (.cse127 (not (<= ~__ste_email_subject0~0.offset 0))) (.cse128 (not (<= ~__ste_Client_AddressBook1_Alias1~0 0))) (.cse129 (not (<= 0 ~__ste_Email_counter~0))) (.cse130 (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0))) (.cse131 (not (<= 0 ~__ste_Client_Keyring2_User0~0))) (.cse132 (not (<= ~__ste_Client_Keyring1_User0~0 0))) (.cse133 (not (<= 0 ~__ste_email_isEncrypted1~0))) (.cse134 (not (<= 0 |#NULL.base|))) (.cse135 (not (<= 0 ~__ste_ClientKeyring_size0~0))) (.cse136 (not (<= ~__ste_Client_AddressBook0_Address2~0 0))) (.cse137 (not (<= ~chuck~0 3))) (.cse138 (not (<= ~__SELECTED_FEATURE_Forward~0 0))) (.cse139 (not (<= 0 ~__SELECTED_FEATURE_Verify~0))) (.cse140 (not (<= ~__ste_Client_Keyring2_User1~0 0))) (.cse141 (not (<= 0 ~__ste_client_forwardReceiver3~0))) (.cse142 (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0))) (.cse143 (not (<= ~__ste_Client_Keyring2_PublicKey1~0 0))) (.cse144 (not (<= ~__ste_Client_Keyring2_User2~0 0))) (.cse145 (not (<= 0 ~__ste_email_isSigned1~0))) (.cse146 (not (<= ~__SELECTED_FEATURE_AddressBook~0 0))) (.cse147 (not (<= 0 ~__ste_email_body1~0.base))) (.cse148 (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0))) (.cse149 (not (<= ~__ste_email_isSigned1~0 0))) (.cse150 (not (<= ~__ste_Client_AddressBook0_Alias0~0 0))) (.cse151 (not (<= ~__ste_client_forwardReceiver2~0 0))) (.cse152 (not (<= 0 ~__ste_Client_Keyring2_User2~0))) (.cse153 (not (<= ~__SELECTED_FEATURE_Keys~0 0))) (.cse154 (not (<= 0 ~__ste_Client_Keyring2_PublicKey1~0))) (.cse155 (not (<= 0 ~__SELECTED_FEATURE_Base~0))) (.cse156 (not (<= 0 ~__ste_ClientAddressBook_size2~0))) (.cse157 (not (<= 0 ~__SELECTED_FEATURE_Forward~0))) (.cse158 (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0))) (.cse159 (not (<= ~__ste_email_body0~0.offset 0))) (.cse160 (not (<= 0 ~__ste_client_name1~0.base))) (.cse161 (not (<= ~queue_empty~0 1))) (.cse162 (not (<= ~__ste_Client_Keyring0_PublicKey1~0 0))) (.cse163 (not (<= ~__ste_Client_AddressBook0_Address0~0 0))) (.cse164 (not (<= 0 ~__ste_email_encryptionKey1~0))) (.cse165 (not (<= 0 ~__ste_Client_AddressBook0_Address0~0))) (.cse166 (not (<= ~__ste_client_idCounter2~0 3))) (.cse167 (not (<= 0 ~__ste_Client_Keyring0_User1~0))) (.cse168 (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0))) (.cse169 (not (<= 0 ~__ste_email_id0~0))) (.cse170 (not (<= ~__ste_email_subject1~0.base 0))) (.cse171 (not (<= 0 |#StackHeapBarrier|))) (.cse172 (not (<= ~__ste_email_isSignatureVerified0~0 0))) (.cse173 (not (<= ~__SELECTED_FEATURE_Base~0 0))) (.cse174 (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0))) (.cse175 (not (<= 0 ~__ste_ClientAddressBook_size0~0))) (.cse176 (not (<= 0 ~__SELECTED_FEATURE_Keys~0))) (.cse177 (not (<= |old(~__ste_email_from0~0)| 0))) (.cse178 (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0))) (.cse179 (not (<= ~__ste_client_forwardReceiver1~0 0))) (.cse180 (not (<= ~__ste_email_body1~0.offset 0))) (.cse181 (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0))) (.cse182 (not (<= ~__ste_email_isEncrypted0~0 0))) (.cse183 (not (<= ~__ste_client_autoResponse2~0 0))) (.cse184 (not (<= ~__ste_client_autoResponse1~0 1))) (.cse185 (not (<= ~queued_client~0 0))) (.cse186 (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0))) (.cse187 (not (<= 0 ~__ste_Client_Keyring1_User0~0))) (.cse188 (not (<= 0 ~__ste_client_name0~0.offset))) (.cse189 (not (<= 0 ~__ste_client_outbuffer0~0))) (.cse190 (not (<= 0 ~__ste_client_autoResponse1~0))) (.cse191 (not (<= ~__ste_email_encryptionKey0~0 0))) (.cse192 (not (<= 0 ~__ste_client_autoResponse0~0))) (.cse193 (not (<= ~__ste_Client_Keyring0_User0~0 0))) (.cse194 (not (<= 0 ~__ste_Client_AddressBook0_Address1~0))) (.cse195 (not (<= 0 ~head~0.offset))) (.cse196 (not (<= |#NULL.base| 0))) (.cse197 (not (<= ~__ste_client_name1~0.base 0))) (.cse198 (not (<= ~__ste_email_isSignatureVerified1~0 0))) (.cse199 (not (<= ~__ste_Email_counter~0 0))) (.cse200 (not (<= 0 ~__ste_email_signKey0~0))) (.cse201 (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0))) (.cse202 (not (<= 0 ~__ste_Client_AddressBook0_Address2~0))) (.cse203 (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0))) (.cse204 (not (<= ~__ste_Client_Keyring1_User2~0 0))) (.cse205 (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0))) (.cse206 (not (<= ~__ste_Client_Keyring0_User1~0 0))) (.cse207 (not (<= ~__ste_email_isSigned0~0 0))) (.cse208 (not (<= ~__ste_Client_AddressBook2_Address2~0 0))) (.cse209 (not (<= ~__ste_email_id0~0 0))) (.cse210 (not (<= 0 ~__ste_Client_Keyring1_PublicKey1~0))) (.cse211 (not (<= ~__ste_email_signKey0~0 0))) (.cse212 (not (<= 3 ~__ste_client_idCounter2~0))) (.cse213 (not (<= 0 ~__ste_email_isEncrypted0~0))) (.cse214 (not (<= 0 ~__ste_Client_AddressBook1_Address2~0))) (.cse215 (not (<= ~__ste_client_forwardReceiver0~0 0))) (.cse216 (not (<= 0 ~__ste_email_subject0~0.base)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (not (<= |setEmailFrom_#in~value| 2147483647)) .cse6 .cse7 .cse8 .cse9 .cse10 .cse11 .cse12 .cse13 .cse14 .cse15 .cse16 .cse17 .cse18 .cse19 .cse20 .cse21 .cse22 .cse23 .cse24 .cse25 .cse26 .cse27 .cse28 .cse29 .cse30 .cse31 .cse32 .cse33 .cse34 .cse35 .cse36 .cse37 .cse38 .cse39 .cse40 .cse41 .cse42 .cse43 .cse44 .cse45 .cse46 .cse47 (not (<= ~__ste_email_to0~0 2)) .cse48 .cse49 .cse50 .cse51 .cse52 .cse53 .cse54 .cse55 .cse56 .cse57 .cse58 .cse59 .cse60 .cse61 .cse62 .cse63 .cse64 .cse65 .cse66 .cse67 .cse68 .cse69 .cse70 .cse71 .cse72 .cse73 .cse74 .cse75 .cse76 .cse77 .cse78 .cse79 .cse80 .cse81 .cse82 .cse83 .cse84 .cse85 .cse86 .cse87 .cse88 .cse89 .cse90 .cse91 .cse92 .cse93 (not (<= 2 ~__ste_email_to0~0)) .cse94 .cse95 .cse96 .cse97 .cse98 .cse99 .cse100 .cse101 .cse102 .cse103 .cse104 .cse105 .cse106 .cse107 .cse108 .cse109 .cse110 .cse111 .cse112 .cse113 .cse114 .cse115 .cse116 .cse117 .cse118 .cse119 .cse120 .cse121 .cse122 .cse123 .cse124 .cse125 .cse126 .cse127 .cse128 .cse129 .cse130 .cse131 .cse132 (not (<= 0 (+ ~__ste_client_idCounter0~0 2147483648))) .cse133 .cse134 .cse135 .cse136 .cse137 .cse138 .cse139 .cse140 .cse141 .cse142 .cse143 .cse144 .cse145 .cse146 .cse147 .cse148 .cse149 .cse150 .cse151 .cse152 .cse153 .cse154 .cse155 .cse156 .cse157 .cse158 .cse159 .cse160 .cse161 .cse162 .cse163 .cse164 .cse165 .cse166 .cse167 .cse168 .cse169 .cse170 .cse171 .cse172 .cse173 .cse174 .cse175 .cse176 .cse177 .cse178 .cse179 .cse180 .cse181 .cse182 .cse183 .cse184 .cse185 .cse186 .cse187 .cse188 .cse189 .cse190 .cse191 .cse192 .cse193 .cse194 .cse195 .cse196 .cse197 .cse198 .cse199 .cse200 .cse201 .cse202 .cse203 .cse204 .cse205 .cse206 .cse207 .cse208 .cse209 .cse210 .cse211 .cse212 .cse213 .cse214 .cse215 .cse216) (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7 .cse8 .cse9 .cse10 .cse11 .cse12 .cse13 .cse14 .cse15 .cse16 .cse17 .cse18 .cse19 .cse20 .cse21 .cse22 .cse23 .cse24 .cse25 .cse26 .cse27 .cse28 (not (<= ~__ste_email_to0~0 0)) .cse29 .cse30 .cse31 .cse32 .cse33 .cse34 .cse35 .cse36 .cse37 (not (<= 0 ~__ste_email_to0~0)) .cse38 .cse39 .cse40 .cse41 .cse42 .cse43 .cse44 .cse45 .cse46 .cse47 .cse48 .cse49 .cse50 .cse51 .cse52 .cse53 .cse54 .cse55 .cse56 .cse57 .cse58 .cse59 .cse60 .cse61 .cse62 .cse63 .cse64 .cse65 .cse66 .cse67 .cse68 .cse69 .cse70 (not (<= 0 |setEmailFrom_#in~value|)) .cse71 .cse72 .cse73 .cse74 .cse75 .cse76 .cse77 .cse78 .cse79 .cse80 .cse81 .cse82 .cse83 .cse84 .cse85 .cse86 .cse87 .cse88 .cse89 .cse90 .cse91 .cse92 .cse93 .cse94 .cse95 .cse96 .cse97 .cse98 .cse99 .cse100 .cse101 .cse102 .cse103 .cse104 .cse105 .cse106 .cse107 .cse108 .cse109 .cse110 .cse111 .cse112 .cse113 .cse114 .cse115 .cse116 .cse117 .cse118 .cse119 .cse120 .cse121 (not (<= 0 |old(~__ste_email_from1~0)|)) .cse122 .cse123 .cse124 .cse125 .cse126 .cse127 .cse128 .cse129 .cse130 .cse131 .cse132 .cse133 .cse134 .cse135 .cse136 .cse137 .cse138 .cse139 (not (<= |setEmailFrom_#in~value| 0)) .cse140 .cse141 .cse142 .cse143 .cse144 .cse145 .cse146 .cse147 .cse148 .cse149 .cse150 .cse151 .cse152 .cse153 .cse154 .cse155 .cse156 .cse157 .cse158 .cse159 (not (<= |old(~__ste_email_from1~0)| 0)) .cse160 .cse161 .cse162 .cse163 .cse164 .cse165 .cse166 .cse167 .cse168 .cse169 .cse170 .cse171 .cse172 .cse173 .cse174 .cse175 .cse176 .cse177 .cse178 .cse179 .cse180 .cse181 .cse182 .cse183 .cse184 .cse185 .cse186 .cse187 .cse188 .cse189 .cse190 .cse191 .cse192 .cse193 (not (<= ~__ste_email_to1~0 0)) .cse194 .cse195 .cse196 .cse197 .cse198 .cse199 .cse200 .cse201 .cse202 .cse203 .cse204 .cse205 .cse206 .cse207 .cse208 .cse209 .cse210 .cse211 .cse212 .cse213 .cse214 (not (<= 0 ~__ste_email_to1~0)) .cse215 .cse216))) (and (not (= ~__ste_client_idCounter0~0 |setEmailFrom_#in~value|)) (not (= ~__ste_email_to0~0 0)))) [2022-12-14 10:25:45,667 INFO L899 garLoopResultBuilder]: For program point L1918(lines 1918 1922) no Hoare annotation was computed. [2022-12-14 10:25:45,667 INFO L895 garLoopResultBuilder]: At program point L2414(line 2414) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,668 INFO L895 garLoopResultBuilder]: At program point L2381-1(lines 2376 2385) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~rjh~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= ~__ste_client_idCounter0~0 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (<= 1 ~__ste_client_idCounter0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-12-14 10:25:45,669 INFO L895 garLoopResultBuilder]: At program point L2381(line 2381) the Hoare annotation is: (let ((.cse0 (select |#memory_int| 4)) (.cse1 (select |#memory_int| 1))) (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= (select |#valid| 30) 1) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= (select |#valid| 15) 1) (= ~__ste_Client_counter~0 0) (= ~rjh~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= 21 (select |#length| 11)) (= (select |#valid| 26) 1) (= ~__ste_client_autoResponse1~0 0) (= 9 (select |#length| 16)) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= 0 ~__ste_email_subject0~0.base) (= (select .cse0 2) 10) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= (select |#length| 20) 25) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (= (select |#valid| 9) 1) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= (select |#length| 28) 12) (= (select |#length| 6) 16) (= ~__ste_email_body1~0.offset 0) (= (select |#length| 15) 30) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= (select |#valid| 11) 1) (= ~__ste_Client_AddressBook1_Address2~0 0) (= (select |#valid| 27) 1) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= |ULTIMATE.start_setup_bob_#in~bob___0#1| ~bob~0) (= (select |#length| 24) 9) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= 9 (select |#length| 25)) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= 30 (select |#length| 12)) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= 2 (select |#length| 1)) (= ~__ste_client_idCounter1~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= (select |#length| 4) 4) (= 11 (select |#length| 26)) (= ~__ste_email_to0~0 0) (= (select |#valid| 3) 1) (= ~__ste_email_signKey0~0 0) (= (select |#valid| 7) 1) (= 115 (select .cse0 1)) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= (select |#valid| 24) 1) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= (select |#length| 27) 10) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (= (select |#valid| 12) 1) (= (select |#length| 19) 9) (= ~__ste_Client_AddressBook2_Address2~0 0) (= (select |#valid| 28) 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= (select .cse0 0) 37) (= (select |#length| 30) 18) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= (select |#valid| 4) 1) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= 9 (select |#length| 13)) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= (select |#valid| 1) 1) (= ~__ste_client_forwardReceiver0~0 0) (= (select |#valid| 20) 1) (= ~__ste_Client_Keyring2_User0~0 0) (= (select .cse0 3) 0) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= (select |#length| 29) 10) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= (select |#valid| 21) 1) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_idCounter2~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (= (select |#length| 17) 25) (= (select |#valid| 14) 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= (select |#valid| 0) 0) (= ~__ste_Client_Keyring2_User2~0 0) (= (select |#valid| 25) 1) (= 22 (select |#length| 7)) (= ~head~0.base 0) (= (select |#length| 5) 10) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= (select |#length| 21) 20) (= (select .cse1 0) 48) (= ~__ste_email_subject1~0.offset 0) (= (select |#valid| 23) 1) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 30 (select |#length| 9)) (= ~__ste_client_idCounter0~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= 29 (select |#length| 2)) (= ~__ste_client_outbuffer1~0 0) (= (select |#valid| 19) 1) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= (select |#valid| 16) 1) (= (select |#length| 22) 44) (= (select |#valid| 6) 1) (= ~chuck~0 0) (= 30 (select |#length| 18)) (= (select .cse1 1) 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= |ULTIMATE.start_setup_bob_#in~bob___0#1| |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_client_outbuffer2~0 0) (= (select |#valid| 29) 1) (= |ULTIMATE.start_main_~tmp~15#1| |ULTIMATE.start_valid_product_#res#1|) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_ClientAddressBook_size2~0 0) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= (select |#valid| 8) 1) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= 44 (select |#length| 23)) (= ~__ste_ClientKeyring_size2~0 0) (= (select |#length| 8) 21) (= ~__ste_client_autoResponse2~0 0) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= |#NULL.base| 0) (= 9 (select |#length| 10)) (= 21 (select |#length| 14)) (= ~__ste_email_signKey1~0 0))) [2022-12-14 10:25:45,669 INFO L895 garLoopResultBuilder]: At program point L2414-1(line 2414) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,669 INFO L899 garLoopResultBuilder]: For program point L1820(lines 1820 1957) no Hoare annotation was computed. [2022-12-14 10:25:45,670 INFO L895 garLoopResultBuilder]: At program point $Ultimate##90(lines 1936 1947) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,670 INFO L899 garLoopResultBuilder]: For program point L1871(lines 1871 1875) no Hoare annotation was computed. [2022-12-14 10:25:45,670 INFO L895 garLoopResultBuilder]: At program point L2417(lines 2417 2425) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,670 INFO L895 garLoopResultBuilder]: At program point $Ultimate##84(lines 1925 1948) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,671 INFO L895 garLoopResultBuilder]: At program point L2401-1(lines 2396 2405) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.offset| 0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (<= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| 3) (= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (<= ~__ste_client_idCounter2~0 3) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (<= 3 ~__ste_client_idCounter2~0) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= 3 ~chuck~0) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (<= 3 |ULTIMATE.start_setup_chuck_~chuck___0#1|) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (<= 3 |ULTIMATE.start_setup_chuck_#in~chuck___0#1|) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.base| 25) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (<= |ULTIMATE.start_setup_chuck_~chuck___0#1| 3) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-12-14 10:25:45,671 INFO L895 garLoopResultBuilder]: At program point L2401(line 2401) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.offset| 0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (<= ~__ste_client_idCounter1~0 2) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| ~chuck~0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| |ULTIMATE.start_setup_chuck_~chuck___0#1|) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= 3 ~chuck~0) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (<= 2 ~__ste_client_idCounter1~0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.base| 25) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-12-14 10:25:45,672 INFO L895 garLoopResultBuilder]: At program point $Ultimate##72(lines 1903 1950) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,672 INFO L895 garLoopResultBuilder]: At program point $Ultimate##78(lines 1914 1949) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,672 INFO L899 garLoopResultBuilder]: For program point L1824(lines 1824 1828) no Hoare annotation was computed. [2022-12-14 10:25:45,672 INFO L899 garLoopResultBuilder]: For program point L1940(lines 1940 1944) no Hoare annotation was computed. [2022-12-14 10:25:45,672 INFO L899 garLoopResultBuilder]: For program point L1907(lines 1907 1911) no Hoare annotation was computed. [2022-12-14 10:25:45,672 INFO L895 garLoopResultBuilder]: At program point L1940-1(lines 1812 1958) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,672 INFO L895 garLoopResultBuilder]: At program point $Ultimate##66(lines 1892 1951) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,672 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-12-14 10:25:45,672 INFO L895 garLoopResultBuilder]: At program point $Ultimate##51(lines 1878 1952) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,672 INFO L895 garLoopResultBuilder]: At program point L1959(lines 1811 1960) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,672 INFO L899 garLoopResultBuilder]: For program point L1860(lines 1860 1864) no Hoare annotation was computed. [2022-12-14 10:25:45,673 INFO L895 garLoopResultBuilder]: At program point $Ultimate##45(lines 1867 1953) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,673 INFO L895 garLoopResultBuilder]: At program point $Ultimate##39(lines 1856 1954) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,673 INFO L895 garLoopResultBuilder]: At program point $Ultimate##33(lines 1845 1955) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,673 INFO L902 garLoopResultBuilder]: At program point L2423-1(lines 2406 2428) the Hoare annotation is: true [2022-12-14 10:25:45,673 INFO L895 garLoopResultBuilder]: At program point L2423(line 2423) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,673 INFO L899 garLoopResultBuilder]: For program point L2473(lines 2473 2480) no Hoare annotation was computed. [2022-12-14 10:25:45,673 INFO L902 garLoopResultBuilder]: At program point L2473-2(lines 2473 2480) the Hoare annotation is: true [2022-12-14 10:25:45,675 INFO L895 garLoopResultBuilder]: At program point L2391-1(lines 2386 2395) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (<= ~__ste_client_idCounter1~0 2) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (<= 2 ~__ste_client_idCounter1~0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-12-14 10:25:45,677 INFO L895 garLoopResultBuilder]: At program point L2391(line 2391) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| ~rjh~0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= ~__ste_client_idCounter0~0 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (<= 1 ~__ste_client_idCounter0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-12-14 10:25:45,677 INFO L899 garLoopResultBuilder]: For program point L1813(lines 1812 1958) no Hoare annotation was computed. [2022-12-14 10:25:45,677 INFO L895 garLoopResultBuilder]: At program point $Ultimate##18(lines 1831 1956) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,677 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(line -1) the Hoare annotation is: true [2022-12-14 10:25:45,677 INFO L899 garLoopResultBuilder]: For program point L1929(lines 1929 1933) no Hoare annotation was computed. [2022-12-14 10:25:45,677 INFO L899 garLoopResultBuilder]: For program point L1896(lines 1896 1900) no Hoare annotation was computed. [2022-12-14 10:25:45,677 INFO L895 garLoopResultBuilder]: At program point L1882(lines 1882 1889) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,677 INFO L899 garLoopResultBuilder]: For program point L1849(lines 1849 1853) no Hoare annotation was computed. [2022-12-14 10:25:45,678 INFO L895 garLoopResultBuilder]: At program point L1835(lines 1835 1842) the Hoare annotation is: (= |ULTIMATE.start_main_~tmp~15#1| 1) [2022-12-14 10:25:45,678 INFO L899 garLoopResultBuilder]: For program point getEmailFromEXIT(lines 125 143) no Hoare annotation was computed. [2022-12-14 10:25:45,678 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 125 143) the Hoare annotation is: true [2022-12-14 10:25:45,678 INFO L899 garLoopResultBuilder]: For program point isReadableEXIT(lines 2534 2542) no Hoare annotation was computed. [2022-12-14 10:25:45,678 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 2534 2542) the Hoare annotation is: true [2022-12-14 10:25:45,678 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 1699 1708) the Hoare annotation is: true [2022-12-14 10:25:45,678 INFO L899 garLoopResultBuilder]: For program point queueEXIT(lines 1699 1708) no Hoare annotation was computed. [2022-12-14 10:25:45,678 INFO L899 garLoopResultBuilder]: For program point setClientIdEXIT(lines 1538 1557) no Hoare annotation was computed. [2022-12-14 10:25:45,678 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 1538 1557) the Hoare annotation is: true [2022-12-14 10:25:45,681 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-12-14 10:25:45,682 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-12-14 10:25:45,717 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.12 10:25:45 BoogieIcfgContainer [2022-12-14 10:25:45,718 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-12-14 10:25:45,718 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-12-14 10:25:45,718 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-12-14 10:25:45,718 INFO L275 PluginConnector]: Witness Printer initialized [2022-12-14 10:25:45,719 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.12 10:21:22" (3/4) ... [2022-12-14 10:25:45,721 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure sendEmail [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailFrom [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailTo [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailTo [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailFrom [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure queue [2022-12-14 10:25:45,725 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientId [2022-12-14 10:25:45,735 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 108 nodes and edges [2022-12-14 10:25:45,736 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 41 nodes and edges [2022-12-14 10:25:45,736 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2022-12-14 10:25:45,737 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 3 nodes and edges [2022-12-14 10:25:45,737 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-12-14 10:25:45,738 INFO L961 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-12-14 10:25:45,757 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && rjh == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && __ste_Client_AddressBook2_Alias0 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && tmp == 1) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && __ste_client_idCounter0 <= 1) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && 1 <= __ste_client_idCounter0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-12-14 10:25:45,757 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_client_idCounter1 <= 2) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && tmp == 1) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && 2 <= __ste_client_idCounter1) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-12-14 10:25:45,757 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __cil_tmp2 == 0) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && \old(chuck___0) <= 3) && tmp == 1) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_client_idCounter2 <= 3) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && 3 <= __ste_client_idCounter2) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && 3 == chuck) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && __ste_client_forwardReceiver1 == 0) && 3 <= chuck___0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && 3 <= \old(chuck___0)) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __cil_tmp2 == 25) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && chuck___0 <= 3) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-12-14 10:25:45,758 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_Client_AddressBook1_Address2 == 0) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(bob == 1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(\old(__ste_email_to0) == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(bob == \old(sender))) || !(\old(__ste_email_to1) == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(\old(receiver) == rjh)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(\old(__ste_email_from1) == 0)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || ((((((((((((((((queued_message <= 0 && 0 <= __ste_email_from0) && \old(receiver) == receiver) && from == __ste_email_from0) && 0 <= queued_message) && from == \old(from)) && 1 <= sender) && sender <= 1) && \old(queue_empty) == queue_empty) && __ste_email_from0 <= 0) && __ste_email_to0 == to) && queued_client == \old(queued_client)) && \old(to) <= 2) && 2 <= \old(to)) && 2 <= to) && __ste_email_to0 <= 2) && 1 == msg)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) [2022-12-14 10:25:45,759 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(1 <= \old(client)) || ((((((((((((((((((((((((((((((((((((((((((((((((((((((((2 <= tmp && \old(client) == client) && \old(client) == client) && 1 <= \old(client)) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && \old(handle) == client) && \old(handle) == handle) && 1 <= msg) && \old(client) == client) && msg == \old(msg)) && client == \old(client)) && \old(client) == tmp) && queued_message <= 0) && \old(msg) == msg) && __ste_email_from0 <= 2147483647) && client == \old(client)) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && msg == \old(msg)) && \result <= 2147483647) && client == \old(client)) && \old(msg) == msg) && queue_empty <= 1) && 1 <= handle) && \result == tmp) && \result == retValue_acc) && 1 <= \old(msg)) && msg == \old(msg)) && __ste_client_idCounter0 <= 2147483647) && msg == \old(msg)) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && tmp <= 2) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && \old(msg) == msg) && msg <= 1) && msg == \old(msg)) && \old(client) <= 1) && client == \old(client)) && msg <= 1) && retValue_acc == __ste_client_autoResponse1) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(rjh == \old(__ste_email_to0))) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(\old(client) <= 1)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(\old(msg) == 1)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(bob == \old(client))) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 == tmp)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) [2022-12-14 10:25:45,759 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(1 <= \old(client)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(rjh == \old(__ste_email_to0))) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(\old(client) <= 1)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(\old(msg) == 1)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(bob == \old(client))) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || ((((((queued_message == \old(queued_message) && __ste_email_to0 == \old(__ste_email_to0)) && __ste_email_to1 == \old(__ste_email_to1)) && \old(__ste_email_from0) == __ste_email_from0) && \old(__ste_email_from1) == __ste_email_from1) && \old(queue_empty) == queue_empty) && queued_client == \old(queued_client))) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) [2022-12-14 10:25:45,759 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(1 <= \old(client)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(rjh == \old(__ste_email_to0))) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(\old(client) <= 1)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(\old(msg) == 1)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(bob == \old(client))) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || (((((((((((((((((((((((((((((((((((1 <= \old(client) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && 1 <= msg) && queued_message <= 0) && __ste_email_from0 <= 2147483647) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && \result <= 2147483647) && queue_empty <= 1) && 1 <= handle) && aux-getEmailTo(msg)-aux <= 2) && 1 <= \old(msg)) && __ste_client_idCounter0 <= 2147483647) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && msg <= 1) && \old(client) <= 1) && msg <= 1) && 2 <= aux-getEmailTo(msg)-aux) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) [2022-12-14 10:25:45,790 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/witness.graphml [2022-12-14 10:25:45,791 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-12-14 10:25:45,791 INFO L158 Benchmark]: Toolchain (without parser) took 264483.51ms. Allocated memory was 176.2MB in the beginning and 371.2MB in the end (delta: 195.0MB). Free memory was 136.3MB in the beginning and 119.1MB in the end (delta: 17.2MB). Peak memory consumption was 214.3MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,791 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 176.2MB. Free memory was 146.4MB in the beginning and 146.3MB in the end (delta: 28.1kB). There was no memory consumed. Max. memory is 16.1GB. [2022-12-14 10:25:45,791 INFO L158 Benchmark]: CACSL2BoogieTranslator took 580.31ms. Allocated memory is still 176.2MB. Free memory was 136.3MB in the beginning and 98.9MB in the end (delta: 37.3MB). Peak memory consumption was 37.7MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,792 INFO L158 Benchmark]: Boogie Procedure Inliner took 65.47ms. Allocated memory is still 176.2MB. Free memory was 98.9MB in the beginning and 94.7MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,792 INFO L158 Benchmark]: Boogie Preprocessor took 41.18ms. Allocated memory is still 176.2MB. Free memory was 94.7MB in the beginning and 91.4MB in the end (delta: 3.4MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,792 INFO L158 Benchmark]: RCFGBuilder took 771.31ms. Allocated memory was 176.2MB in the beginning and 211.8MB in the end (delta: 35.7MB). Free memory was 91.4MB in the beginning and 139.3MB in the end (delta: -48.0MB). Peak memory consumption was 41.0MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,792 INFO L158 Benchmark]: TraceAbstraction took 262945.89ms. Allocated memory was 211.8MB in the beginning and 371.2MB in the end (delta: 159.4MB). Free memory was 138.3MB in the beginning and 129.6MB in the end (delta: 8.7MB). Peak memory consumption was 198.5MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,793 INFO L158 Benchmark]: Witness Printer took 72.70ms. Allocated memory is still 371.2MB. Free memory was 129.6MB in the beginning and 119.1MB in the end (delta: 10.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-12-14 10:25:45,794 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 176.2MB. Free memory was 146.4MB in the beginning and 146.3MB in the end (delta: 28.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 580.31ms. Allocated memory is still 176.2MB. Free memory was 136.3MB in the beginning and 98.9MB in the end (delta: 37.3MB). Peak memory consumption was 37.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 65.47ms. Allocated memory is still 176.2MB. Free memory was 98.9MB in the beginning and 94.7MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 41.18ms. Allocated memory is still 176.2MB. Free memory was 94.7MB in the beginning and 91.4MB in the end (delta: 3.4MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 771.31ms. Allocated memory was 176.2MB in the beginning and 211.8MB in the end (delta: 35.7MB). Free memory was 91.4MB in the beginning and 139.3MB in the end (delta: -48.0MB). Peak memory consumption was 41.0MB. Max. memory is 16.1GB. * TraceAbstraction took 262945.89ms. Allocated memory was 211.8MB in the beginning and 371.2MB in the end (delta: 159.4MB). Free memory was 138.3MB in the beginning and 129.6MB in the end (delta: 8.7MB). Peak memory consumption was 198.5MB. Max. memory is 16.1GB. * Witness Printer took 72.70ms. Allocated memory is still 371.2MB. Free memory was 129.6MB in the beginning and 119.1MB in the end (delta: 10.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 2359]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 262.9s, OverallIterations: 6, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 66.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 45.2s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 460 SdHoareTripleChecker+Valid, 9.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 446 mSDsluCounter, 4401 SdHoareTripleChecker+Invalid, 8.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3721 mSDsCounter, 36 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3272 IncrementalHoareTripleChecker+Invalid, 3308 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 36 mSolverCounterUnsat, 680 mSDtfsCounter, 3272 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 317 GetRequests, 242 SyntacticMatches, 0 SemanticMatches, 75 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 657 ImplicationChecksByTransitivity, 173.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=258occurred in iteration=5, InterpolantAutomatonStates: 71, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 6 MinimizatonAttempts, 108 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 60 LocationsWithAnnotation, 426 PreInvPairs, 669 NumberOfFragments, 11078 HoareAnnotationTreeSize, 426 FomulaSimplifications, 125400 FormulaSimplificationTreeSizeReduction, 5.3s HoareSimplificationTime, 60 FomulaSimplificationsInter, 11494 FormulaSimplificationTreeSizeReductionInter, 39.8s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 0.6s InterpolantComputationTime, 377 NumberOfCodeBlocks, 377 NumberOfCodeBlocksAsserted, 8 NumberOfCheckSat, 463 ConstructedInterpolants, 0 QuantifiedInterpolants, 567 SizeOfPredicates, 0 NumberOfNonLiveVariables, 1561 ConjunctsInSsa, 6 ConjunctsInUnsatCore, 10 InterpolantComputations, 4 PerfectInterpolantSequences, 89/101 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 31.8s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 10, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 63, DAG_INTERPRETER_EARLY_EXITS: 2, TOOLS_POST_APPLICATIONS: 69, TOOLS_POST_TIME: 15.2s, TOOLS_POST_CALL_APPLICATIONS: 35, TOOLS_POST_CALL_TIME: 6.9s, TOOLS_POST_RETURN_APPLICATIONS: 22, TOOLS_POST_RETURN_TIME: 2.2s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 126, TOOLS_QUANTIFIERELIM_TIME: 24.2s, TOOLS_QUANTIFIERELIM_MAX_TIME: 3.2s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 190, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 35, DOMAIN_JOIN_TIME: 6.8s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 2, DOMAIN_WIDEN_TIME: 0.4s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 4, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 63, DOMAIN_ISBOTTOM_TIME: 0.2s, LOOP_SUMMARIZER_APPLICATIONS: 2, LOOP_SUMMARIZER_CACHE_MISSES: 2, LOOP_SUMMARIZER_OVERALL_TIME: 3.4s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 3.4s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 4, CALL_SUMMARIZER_APPLICATIONS: 22, CALL_SUMMARIZER_CACHE_MISSES: 6, CALL_SUMMARIZER_OVERALL_TIME: 0.0s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.0s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 921, DAG_COMPRESSION_RETAINED_NODES: 195, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 1650]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1594]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(1 <= \old(client)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(rjh == \old(__ste_email_to0))) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(\old(client) <= 1)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(\old(msg) == 1)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(bob == \old(client))) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || (((((((((((((((((((((((((((((((((((1 <= \old(client) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && 1 <= msg) && queued_message <= 0) && __ste_email_from0 <= 2147483647) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && \result <= 2147483647) && queue_empty <= 1) && 1 <= handle) && aux-getEmailTo(msg)-aux <= 2) && 1 <= \old(msg)) && __ste_client_idCounter0 <= 2147483647) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && msg <= 1) && \old(client) <= 1) && msg <= 1) && 2 <= aux-getEmailTo(msg)-aux) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) - InvariantResult [Line: 1845]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2560]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_Client_AddressBook1_Address2 == 0) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(bob == 1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(\old(__ste_email_to0) == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(bob == \old(sender))) || !(\old(__ste_email_to1) == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(\old(receiver) == rjh)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(\old(__ste_email_from1) == 0)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || ((((((((((((((((queued_message <= 0 && 0 <= __ste_email_from0) && \old(receiver) == receiver) && from == __ste_email_from0) && 0 <= queued_message) && from == \old(from)) && 1 <= sender) && sender <= 1) && \old(queue_empty) == queue_empty) && __ste_email_from0 <= 0) && __ste_email_to0 == to) && queued_client == \old(queued_client)) && \old(to) <= 2) && 2 <= \old(to)) && 2 <= to) && __ste_email_to0 <= 2) && 1 == msg)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) - InvariantResult [Line: 1662]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2396]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __cil_tmp2 == 0) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && \old(chuck___0) <= 3) && tmp == 1) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_client_idCounter2 <= 3) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && 3 <= __ste_client_idCounter2) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && 3 == chuck) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && __ste_client_forwardReceiver1 == 0) && 3 <= chuck___0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && 3 <= \old(chuck___0)) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __cil_tmp2 == 25) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && chuck___0 <= 3) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 2386]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_client_idCounter1 <= 2) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && tmp == 1) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && 2 <= __ste_client_idCounter1) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1835]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2359]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 1757]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1632]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(1 <= \old(client)) || ((((((((((((((((((((((((((((((((((((((((((((((((((((((((2 <= tmp && \old(client) == client) && \old(client) == client) && 1 <= \old(client)) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && \old(handle) == client) && \old(handle) == handle) && 1 <= msg) && \old(client) == client) && msg == \old(msg)) && client == \old(client)) && \old(client) == tmp) && queued_message <= 0) && \old(msg) == msg) && __ste_email_from0 <= 2147483647) && client == \old(client)) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && msg == \old(msg)) && \result <= 2147483647) && client == \old(client)) && \old(msg) == msg) && queue_empty <= 1) && 1 <= handle) && \result == tmp) && \result == retValue_acc) && 1 <= \old(msg)) && msg == \old(msg)) && __ste_client_idCounter0 <= 2147483647) && msg == \old(msg)) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && tmp <= 2) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && \old(msg) == msg) && msg <= 1) && msg == \old(msg)) && \old(client) <= 1) && client == \old(client)) && msg <= 1) && retValue_acc == __ste_client_autoResponse1) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(rjh == \old(__ste_email_to0))) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(\old(client) <= 1)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(\old(msg) == 1)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(bob == \old(client))) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 == tmp)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) - InvariantResult [Line: 1882]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2417]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 1903]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2336]: Loop Invariant Derived loop invariant: !(0 == tmp) - InvariantResult [Line: 1856]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 1600]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(1 <= \old(client)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(\old(queued_message) == 0)) || !(\old(__ste_email_from0) == 0)) || !(rjh == \old(__ste_email_to0))) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(rjh == 2)) || !(__ste_ClientAddressBook_size1 == 0)) || !(0 == __ste_Client_AddressBook0_Address0)) || !(#NULL == 0)) || !(__ste_Client_counter == 0)) || !(0 == __ste_Client_AddressBook0_Address1)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(__ste_client_name2 == 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(__SELECTED_FEATURE_AddressBook == 0)) || !(__ste_Client_AddressBook0_Alias2 == 0)) || !(__ste_email_id0 == 0)) || !(__SELECTED_FEATURE_Keys == 0)) || !(__ste_client_privateKey2 == 0)) || !(__ste_Client_AddressBook2_Address0 == 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_email_isSigned0 == 0)) || !(__ste_email_encryptionKey0 == 0)) || !(__ste_Client_Keyring0_User0 == 0)) || !(__ste_client_privateKey1 == 0)) || !(__ste_email_signKey1 == 0)) || !(__ste_client_name0 == 0)) || !(\old(client) <= 1)) || !(__ste_Client_AddressBook2_Address1 == 0)) || !(__GUIDSL_ROOT_PRODUCTION == 0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_email_body1 == 0)) || !(__GUIDSL_NON_TERMINAL_main == 0)) || !(__ste_Client_Keyring1_PublicKey2 == 0)) || !(__ste_client_outbuffer0 == 0)) || !(0 == __ste_Client_AddressBook0_Address2)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body1 == 0)) || !(\old(msg) == 1)) || !(__ste_email_body0 == 0)) || !(__ste_Client_Keyring1_User0 == 0)) || !(__ste_email_isEncrypted1 == 0)) || !(__ste_Client_AddressBook1_Alias0 == 0)) || !(head == 0)) || !(__ste_email_id1 == 0)) || !(__ste_client_forwardReceiver2 == 0)) || !(__ste_client_outbuffer1 == 0)) || !(__ste_ClientKeyring_size0 == 0)) || !(__ste_email_signKey0 == 0)) || !(__SELECTED_FEATURE_Sign == 0)) || !(__ste_client_privateKey0 == 0)) || !(__ste_Client_AddressBook2_Alias1 == 0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_Client_Keyring2_PublicKey0 == 0)) || !(__ste_email_isSignatureVerified0 == 0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_email_encryptionKey1 == 0)) || !(bob == \old(client))) || !(__ste_email_subject0 == 0)) || !(__ste_Client_AddressBook1_Alias2 == 0)) || !(__ste_Client_Keyring1_PublicKey0 == 0)) || !(#NULL == 0)) || !(\old(queued_client) == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(__ste_Client_Keyring2_User1 == 0)) || !(__ste_Client_Keyring0_PublicKey0 == 0)) || ((((((queued_message == \old(queued_message) && __ste_email_to0 == \old(__ste_email_to0)) && __ste_email_to1 == \old(__ste_email_to1)) && \old(__ste_email_from0) == __ste_email_from0) && \old(__ste_email_from1) == __ste_email_from1) && \old(queue_empty) == queue_empty) && queued_client == \old(queued_client))) || !(__ste_email_isSignatureVerified1 == 0)) || !(__ste_email_subject1 == 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(__ste_Client_AddressBook1_Address1 == 0)) || !(\old(queue_empty) == 1)) || !(__SELECTED_FEATURE_Decrypt == 0)) || !(__ste_client_name0 == 0)) || !(3 == chuck)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(__SELECTED_FEATURE_Verify == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_Client_Keyring2_User2 == 0)) || !(__SELECTED_FEATURE_AutoResponder == 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_ClientAddressBook_size0 == 0)) || !(__ste_client_autoResponse1 <= 1)) || !(__ste_client_forwardReceiver3 == 0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_client_forwardReceiver1 == 0)) || !(__ste_Client_Keyring1_User2 == 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_client_outbuffer2 == 0)) || !(__ste_email_isEncrypted0 == 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(__ste_Client_Keyring2_PublicKey2 == 0)) || !(__SELECTED_FEATURE_Encrypt == 0)) || !(__ste_client_name1 == 0)) || !(__ste_Client_AddressBook2_Alias0 == 0)) || !(__ste_email_isSigned1 == 0)) || !(head == 0)) || !(__ste_Client_AddressBook0_Alias1 == 0)) || !(__ste_Email_counter == 0)) || !(3 <= __ste_client_idCounter2)) || !(__ste_email_subject1 == 0)) || !(0 == __ste_email_subject0)) || !(__ste_Client_Keyring0_PublicKey2 == 0)) || !(__ste_ClientKeyring_size1 == 0) - InvariantResult [Line: 1936]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2473]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1867]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2376]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && rjh == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && __ste_Client_AddressBook2_Alias0 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && tmp == 1) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && __ste_client_idCounter0 <= 1) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && 1 <= __ste_client_idCounter0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1831]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 1892]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2406]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1925]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 1812]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 1914]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2527]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1737]: Loop Invariant Derived loop invariant: !(0 == tmp) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1811]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 2414]: Loop Invariant Derived loop invariant: tmp == 1 - InvariantResult [Line: 1878]: Loop Invariant Derived loop invariant: tmp == 1 RESULT: Ultimate proved your program to be correct! [2022-12-14 10:25:45,826 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3fa63af-33ec-47e9-809a-decac952b11c/bin/utaipan-gh47qXpMRh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE